You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2022/07/13 23:03:23 UTC

[GitHub] [superset] eschutho commented on a diff in pull request #20285: fix(sql lab): SQL Lab access restrictions not applied to default schema

eschutho commented on code in PR #20285:
URL: https://github.com/apache/superset/pull/20285#discussion_r920577799


##########
superset/security/manager.py:
##########
@@ -1054,19 +1054,24 @@ def raise_for_access(
             denied = set()
 
             for table_ in tables:
-                schema_perm = self.get_schema_perm(database, schema=table_.schema)
+                datasources = SqlaTable.query_datasources_by_name(
+                    self.get_session, database, table_.table
+                )
 
-                if not (schema_perm and self.can_access("schema_access", schema_perm)):
-                    datasources = SqlaTable.query_datasources_by_name(
-                        self.get_session, database, table_.table, schema=table_.schema
-                    )
+                # Access to any datasource is suffice.
+                for datasource_ in datasources:

Review Comment:
   @diegomedina248 I tested this out what I found is the way this reads now, if datasources is empty, i.e., there are no datasets created for this table, they will hit line 1074 and not get access to the schema. 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org